Status for Andrew DeFaria

• Had AD groups created in one day!
• Supported the server move to Cartwright. The move invalidated all Clearcase/Multisite licenses! Got emergency licenses

Posted by Andrew DeFaria at 06:42 PM | Permalink

• Finished nag. Started nagging David Chu and TTE-EMP people. Worked well with TTE-EMP people....
• Requested creation of AD groups for TTE-EMP. Created in one day! Yippie!. Showed Loren how to make .perms files. Still need to address the issue of Empower people being in which CC group...
• Changed web pages to use new print CSS

Posted by Andrew DeFaria at 06:22 PM | Permalink

• Met with Victor Larson and William Fagerberg regarding tools push. We went over my install scripts and they will attempt to package up an msi file that will install Clearcase and TUP and add the appropriate registry entries for the user. We in CM just need to ensure that we have the appropriate reg file set up before the pushes occur.
• Changed Lockvobs to use an exclusion list of vobs to not [un]lock vobs
• Helped new guy, John Luu, with his set up

Posted by Andrew DeFaria at 09:47 AM | Permalink

• Implementing email reminder

Posted by Andrew DeFaria at 09:56 AM | Permalink

• Attended backup meeting. It may be that we cannot use diskpart to break hardware mirrors! Spoke with a Rusty Young and he wants a copy of our requirements and may present us with other options like Volume Shadow Copy, SAN, etc.
• Modified Display module to accept optional filehandle and to display errors and warnings to STDERR
• Checked in initial Logger Object. Now uses Display module

Posted by Andrew DeFaria at 11:49 AM | Permalink

• Worked on a Logger object
• Resolved long standing Compare does not work in snapshot view issue. Turns out that certain vobs had forward slashes instead of backslashes in their storage paths for the vob tags. Changed to backslashes and compare works again. Strange! Bug in Rational code. Cleaned up all vob tags. View tags do not appear to be affected. May think about changing tagit to tag things with only backslashes...

Posted by Andrew DeFaria at 05:26 PM | Permalink

• Finally got view restored. Recovered the triggers.dat file and the NoPBLs trigger
• Implemented both the NoPBLs and Permissions triggers
• Implemented vobsize

Posted by Andrew DeFaria at 03:15 PM | Permalink

Implemented Permissions trigger.

Posted by Andrew DeFaria at 03:12 PM | Permalink

I've given the "permissions trigger" some thought and would like to formalize the requirements a bit. The new trigger will have the following characteristics:

• Since multiple groups will be allowed write access to the vob they will need to be added as additional groups on the vob group list.
• Determination of what users get additional write capability will be on Active Directory groups. IOW you can grant write access to say the CC-PMO group but not specifically to Mike Hrenko who is a member of the CC-PMO group. Additionally CC-PMO would need to appear on the vob group list in this example.
• The trigger will use CLEARCASE_PRIMARY_GROUP to determine what group the user is. This avoids having to do LDAP lookups and it's the way that Clearcase does it anyway. CLEARCASE_PRIMARY_GROUP will not be used verbatim - if it were then anybody would "fake" out the trigger by merely setting CLEARCASE_PRIMARY_GROUP. Instead "creds" will be called to ascertain the effective primary group.
• A permissions element will be created that will contain a list of groups, one per line, that are allowed write access from this folder downward. The vob's initial or primary group owner (CC-TTE in the case of Core_automation) will always have write permission. Furthermore the permissions element should be secured such that only vob's primary group owner can modify it. Otherwise other groups could easily modify the permissions element thus granting write permissions to arbitrary groups.

Let's see an example of how this will work and how the trigger will respond. Let's assume the following directory structure:

Core_automation

Empower CC-EAG-AS, CC-EAG-ESB

Functions CC-EAG-VIP
Results CC-EAG-VMS
Common

Further let's assume that the permissions element is at the Empower level and contains the groups CC-EAG-AS and CC-EAG-ESB. This says that those two groups (as well as CC-TTE as primary group owners of the vob) have write permission (the ability to checkout) elements from Core_automation/Empower downward. Additionally let's say that we have a permissions element at Empower/Functions that lists CC-EAG-VIP and Empower/Results has a permissions element that lists CC-EAG-VMS. The following can be said:

• Members of CC-EAG-AS and CC-EAG-ESB have write permissions to Empower, Empower/Functions, Empower/Results and Empower/Common. Further, if new folders are created under Empower, CC-EAG-AS and CC-EAG-ESB will have write permissions to those new folders as well (IOW the write permissions are inherited by new folders that are created)
• Members of CC-EAG-VIP have write permissions to Empower/Functions and any new folders created under Functions, but they do not have write permissions to Empower/Results nor Empower/Common. Similarly CC-EAG-VMS has write permissions to Empower/Results but not to Empower/Functions nor Empower/Common

The pseudo code for the trigger is roughly as follows. Note that the trigger gets fired during checkout of an element only (it is assumed if the user successfully checked out the element then, at the time, he had write permissions and should be allowed to check in the element):

$vob_group_owner = GetGroupOwner (vob) 
$current_group   = GetCurrentGroup (CLEARCASE_PRIMARY_GROUP as per "creds") 

if (permissions element exists in the current folder) { 
  if (IsAMember (Parse ($permissions_element), $current_group) {
    <allow checkout>
  } else { 
    <recurse to check parent folder stopping at vob root> 
    <disallow checkout>
  } 
}

Posted by Andrew DeFaria at 03:07 PM | Permalink

• Helped Don with BUCS
• Attended meeting with TTE regarding how to better use Clearcase. Need to create a trigger that allows or disallows write access to certain areas of their vob

Posted by Andrew DeFaria at 05:47 PM | Permalink

• Fixed tagit to tag into the current region
• Adjusted findview to total views and accept multiple view search strings
• Helped Anje, Timmie and Mike with new Clearquest web installation in the lab

Posted by Andrew DeFaria at 06:50 PM | Permalink

• Consulted with ASAP regarding moving of views from a desktop to the server
• Helped Subba move a vob to the server
• Consulted with Babu regarding designing of Multisite replacement scheme

Posted by Andrew DeFaria at 09:06 AM | Permalink

• Created Display.pm Perl module
• Consulted with ASAP Re: Moving views
• Spoke with Rory Re: Backups
• Worked some more with Rational regarding the Compare to Previous problem

Posted by Andrew DeFaria at 07:21 PM | Permalink

• Started coding mirror_backup
• Worked with Rational on Compare to previous fails in snapshot view

Posted by Andrew DeFaria at 07:14 PM | Permalink

• Updated GetCCGroups.vbs to send email from servers
• Documented PowerBuilder/Clearcase Performance.

Posted by Andrew DeFaria at 10:56 AM | Permalink

Created various views to perform performance testing of PowerBuilder builds.

Posted by Andrew DeFaria at 07:09 PM | Permalink

• Completed BUCS Build Measurements. Managed to cut some of the build time by using outofdate and exclude_checkout options. Performed builds on each of Local/Remote snapshot views and Local/Remote dynamic views. Remote dynamic views are by far still the slowest with most of the time being spent in refreshing elements from Clearcase.
• The GetCCGroups.vbs email process failed today. Turns out the code cannot send email. Posted a question about this on the newsgroup. Need to change the VB Script to set the mail server apparently

Posted by Andrew DeFaria at 02:34 PM | Permalink